
Chapter 8 - 03 - Discuss Vulnerability Assessment - 05_ocred_fax_ocred.pdf


Full Transcript


Certified Cybersecurity Technician Exam 212-82
Network Security Assessment Techniques and Tools

Vulnerability-Management Life Cycle

[Figure: life-cycle diagram; legible labels: Identify Assets and Create a Baseline, Verification, Monitor]

The vulnerability management life cycle is an important process that helps identify and remediate security weaknesses before they can be exploited. This includes defining the risk posture and policies for an organization, creating a complete asset list of systems, scanning and assessing the environment for vulnerabilities and exposures, and taking action to mitigate the vulnerabilities that are identified. The implementation of a vulnerability management life cycle helps gain a strategic perspective regarding possible cybersecurity threats and renders insecure computing environments more resilient to attacks.

Vulnerability management should be implemented in every organization as it evaluates and controls the risks and vulnerabilities in the system. The management process continuously examines the IT environments for vulnerabilities and risks associated with the system.

Organizations should maintain a proper vulnerability management program to ensure overall information security. Vulnerability management provides the best results when it is implemented in a sequence of well-organized phases. The phases involved in vulnerability management are:

- Identify Assets and Create a Baseline
  This phase identifies critical assets and prioritizes them to define the risk based on the criticality and value of each system. This creates a good baseline for vulnerability management. This phase involves the gathering of information about the identified systems to understand the approved ports, software, drivers, and basic configuration of each system in order to develop and maintain a system baseline.

Module 08 Page 1077 Certified Cybersecurity Technician Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.
- Vulnerability Scan
  This phase is crucial in vulnerability management. In this step, the security analyst performs a vulnerability scan on the network to identify the known vulnerabilities in the organization's infrastructure. Vulnerability scans can also be performed against applicable compliance templates to assess the organization's infrastructure weaknesses against the respective compliance guidelines.

- Risk Assessment
  In this phase, all serious uncertainties that are associated with the system are assessed and prioritized, and remediation is planned to permanently eliminate system flaws. The risk assessment summarizes the vulnerability and risk level identified for each of the selected assets. It determines whether the risk level for a particular asset is high, moderate, or low. Remediation is planned based on the determined risk level. For example, vulnerabilities ranked high-risk are targeted first to decrease the chances of exploitation that would adversely impact the organization.

- Remediation
  Remediation is the process of applying fixes on vulnerable systems in order to reduce the impact and severity of vulnerabilities. This phase is initiated after the successful implementation of the baseline and assessment steps.

- Verification
  In this phase, the security team performs a re-scan of systems to assess whether the required remediation is complete and whether the individual fixes have been applied to the impacted assets. This phase provides clear visibility into the firm and allows the security team to check whether all the previous phases have been carried out correctly. Verification can be performed by using various means such as ticketing systems, scanners, and reports.

- Monitor
  Organizations need to perform regular monitoring to maintain system security. They use tools such as IDS/IPS and firewalls. Continuous monitoring identifies potential threats and any new vulnerabilities that have evolved. As per security best practices, all phases of vulnerability management must be performed regularly.

Vulnerability Assessment Tools: Qualys Vulnerability Management

- A cloud-based service that offers immediate global visibility into IT system areas that might be vulnerable to the latest Internet threats and how to protect them
- Aids in the continuous identification of threats and monitoring of unexpected changes in a network before they become breaches

https://www.qualys.com

Vulnerability Assessment Tools: OpenVAS and GFI LanGuard

- OpenVAS
  A framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution

- GFI LanGuard
  Scans, detects, assesses, and rectifies security vulnerabilities in a network and connected devices
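The baseline, risk-assessment and verification phases of the life cycle described above can be sketched in code. This is an added example, not part of the original course material; the host names, finding identifiers, sample scan data and the severity-times-criticality scoring with its thresholds are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed baseline: asset criticality (1 = low .. 3 = critical) and approved ports.
BASELINE = {
    "web01":   {"criticality": 3, "approved_ports": {22, 443}},
    "db01":    {"criticality": 3, "approved_ports": {22, 5432}},
    "kiosk07": {"criticality": 1, "approved_ports": {443}},
}

@dataclass(frozen=True)
class Finding:
    host: str
    vuln_id: str      # placeholder identifiers, not real advisories
    severity: float   # scanner severity score, 0.0-10.0

def baseline_drift(open_ports):
    """Return {host: [unapproved ports]}; a host missing from the baseline has no approved ports."""
    drift = {}
    for host, ports in open_ports.items():
        approved = BASELINE.get(host, {}).get("approved_ports", set())
        if extra := sorted(set(ports) - approved):
            drift[host] = extra
    return drift

def risk_level(finding):
    """Assumed scheme: severity x asset criticality, bucketed into high / moderate / low."""
    # An asset missing from the baseline is treated as critical until it is classified.
    score = finding.severity * BASELINE.get(finding.host, {}).get("criticality", 3)
    return "high" if score >= 20 else "moderate" if score >= 8 else "low"

def remediation_queue(findings):
    """Order findings so that high-risk items are remediated first."""
    order = {"high": 0, "moderate": 1, "low": 2}
    return sorted(findings, key=lambda f: (order[risk_level(f)], -f.severity, f.host))

def verify(before, rescan):
    """Compare the original scan with the re-scan taken after remediation."""
    before, rescan = set(before), set(rescan)
    return {"fixed": before - rescan, "still_open": before & rescan, "new": rescan - before}

# Constructed scan data ("lab-pc" is deliberately absent from the baseline).
SCAN_PORTS = {"web01": [22, 443, 8080], "db01": [22, 5432], "lab-pc": [3389]}
SCAN = [Finding("kiosk07", "VULN-A", 9.8), Finding("web01", "VULN-B", 7.5),
        Finding("db01", "VULN-C", 4.0), Finding("web01", "VULN-D", 2.0)]
RESCAN = [Finding("db01", "VULN-C", 4.0), Finding("web01", "VULN-E", 5.0)]

if __name__ == "__main__":
    print(baseline_drift(SCAN_PORTS))
    print([(risk_level(f), f.vuln_id) for f in remediation_queue(SCAN)])
    print(verify(SCAN, RESCAN))
```

With this sample data, the 7.5-severity finding on the critical web server is queued ahead of the 9.8-severity finding on the low-criticality kiosk, and the re-scan separates fixed, still-open and newly appeared findings.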
